CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
CERIAS Logo
Purdue University - Discovery Park
Center for Education and Research in Information Assurance and Security

Intruder Identification in Mobile Ad Hoc Networks

Bharat Bhargava - CERIAS Security Center and Computer Science Department, Purdue University

Nov 06, 2002

Abstract

Intruder identification in ad hoc networks is complementary to
intrusion detection. The research challenge is to correctly identify
the malicious hosts in a flat infrastructure. We propose a
specification of intruder identification and four criteria to evaluate
the algorithms. Specifically, we consider intruder identification in
the AODV (Ad hoc On-demand Distance Vector) protocol. We study the
attacks on AODV that target its security flaws. A protocol called RLR
(Reverse Labeling Restriction) is presented to identify and isolate
malicious hosts. RLR traces back the propagation paths of false routing
information through reverse labeling. The protocol enables the hosts to
share the knowledge in a secure way. The knowledge consists of a list
of suspicious hosts in the perception of individual hosts and together,
it lead towards indicting the intruder. One can assign a level of trust
for each suspect. This will allow the discovery and management of a
trusted route.



We simulate RLR using ns2. The simulation shows that up to 95% of the
normal hosts can successfully reach and accept the identification
results in a reasonable amount of time. Isolating the malicious hosts
through rejecting the routing information from indicted intruders leads
to a 30% increase in the data delivery. Host mobility and the number of
independent malicious hosts are input parameters. The observed data
includes effectiveness, accuracy, and overhead of RLR in different
network environments. The robustness of the protocol is analyzed. It
shows that RLR does not introduce any new vulnerabilities. This
research can be applied to other ad hoc network routing protocols. This
research is leading towards solving the problem of trusted route
discovery.



This is joint work with Weichao Wang and Yi Lu and is supported by NSF
and CISCO



More information about research in Raid lab is at http://www.cs.purdue.edu/homes/bb.

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52, West Lafayette Campus. More information...

Disclaimer

The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.